Vectorial FCSR constructed on totally ramified
extension of the $p$-adic numbers

Abdelaziz Marjane, 
LAGA, UMR CNRS 7539, Universite Paris 13, Villetaneuse, France 






Abstract 

In this paper, we introduce a vectorial conception of $d$-FCSRs to build
these registers over any finite field. We describe the structure of
$d$-vectorial FCSRs and we develop an analysis to obtain basic properties
like periodicity and the existence of maximal length sequences. To
illustrate these vectorial $d$-FCSRs, we present simple examples and we
compare with those of Goresky, Klapper and Xu.

Keywords: LFSR, FCSR, vectorial FCSR, $d$-FCSR, sequences,
periodicity, $p$-adic, $\pi$-adic, maximal period.
Linear Feedback Shift Register (LFSR) sequences are used in many
applications in cryptography and telecommunications (see Figure 1).
In fact, most pseudo-random generators are based on LFSRs. To study LFSR
sequences, we use the ring of power series with coefficients in the
finite field $\mathbb{F}_{p^n}$, denoted by $\mathbb{F}_{p^n}[[X]]$. An
output sequence $a = (a_0, a_1, \ldots, a_i, \ldots)$ is associated to the
power series $a(X) = a_0 + a_1 X + \cdots + a_i X^i + \cdots$ and we find
that $a(X)$ is a rational fraction in $\mathbb{F}_{p^n}(X)$ whose
denominator $q(X)$ is a polynomial defined by the LFSR and called the
connection polynomial. So, we obtain the basic properties of $a$ like
periodicity and distributional properties. For example, the period of $a$
divides the order of $X$ modulo $q(X)$.




Figure 1: Linear Feedback Shift Register or LFSR. 
Feedback with Carry Shift Registers are a class of non-linear generators
and were first introduced by Goresky and Klapper in 1993 (see [1, 5]). An
FCSR is constructed like an LFSR but we add a memory cell or a "carry"
(see Figure 2). To analyse FCSR sequences, we use the ring of the $p$-adic
integers, denoted by $\mathbb{Z}_p$. An output sequence is associated to
its $p$-adic expansion $\alpha = a_0 + a_1 p + \cdots + a_i p^i + \cdots$
and we find that $\alpha$ is a rational number in $\mathbb{Q}$ whose
denominator $q = -1 + q_1 p + \cdots + q_r p^r$ is an integer defined by
the connection coefficients of the register and called the connection
integer. So, we obtain the basic properties of FCSR sequences like
periodicity, distributional properties, existence of maximal length
sequences. As for LFSRs, the period of $a$ divides the order of $p$
modulo $q$.
Figure 2: Feedback with Carry Shift Register or FCSR.

In 1994, Goresky and Klapper introduced $d$-FCSRs (see [2]). These
registers are like FCSRs but we must add $d$ memories and a "jump" in
the carry register (see Figure 3). This results in an analysis through
the use of the ring of the $\pi$-adic integers, denoted by
$\mathbb{Z}_p[\pi]$ (here $\pi = p^{1/d}$), or the totally ramified
extension of $\mathbb{Z}_p$, i.e. the ramification index is $d$. An output
sequence is associated to the $\pi$-adic integer
$\alpha = a_0 + a_1\pi + \cdots + a_i\pi^i + \cdots$ and we find that
$\alpha$ is a fraction in $\mathbb{Q}(\pi)$ whose denominator
$q = -1 + q_1\pi + \cdots + q_r\pi^r$ is an element in $\mathbb{Z}[\pi]$
called the connection integer. So Goresky and Klapper obtain some
properties of $d$-FCSR sequences. Under some conditions, the period is
maximal, i.e. it is the order of $p$ modulo $|N(q)|$, where $N(q)$ is the
norm of $q$ in $\mathbb{Q}(\pi)$ as a $\mathbb{Q}$-vector space of
dimension $d$.




Figure 3: d-FCSR. 
To extend the construction of FCSR to any finite field
$\mathbb{F}_{p^n}$, the authors introduced the notion of a vectorial
conception in 2010 (see [3, 4]). In fact, FCSR and $d$-FCSR are mainly
developed on $\mathbb{F}_p$ (where $p$ is prime). The analysis of
vectorial FCSR is based on $\mathbb{Z}_{p^n}$, the absolutely unramified
extension of $\mathbb{Z}_p$. The field of $p^n$ elements can be
constructed as the quotient ring $\mathbb{F}_p[X]/(P)$ where $P(X)$ is a
primitive polynomial over $\mathbb{F}_p$. Consider a root of $P$ denoted
by $\beta$; the field $\mathbb{F}_{p^n}$ is the smallest field extension
of $\mathbb{F}_p$ containing $\beta$, denoted by $\mathbb{F}_p[\beta]$. On
the other hand, $\mathbb{Z}_{p^n}$ can be constructed as a quotient ring
$\mathbb{Z}_p[X]/(P)$. An output sequence $a$ of a Vectorial FCSR (see
Figure 4) is first decomposed as a vector of $n$ $p$-ary sequences denoted
by $(a_0, \ldots, a_{n-1})$. Each component $a_j$ is associated to its
$p$-adic expansion $\alpha_j$. So $a$ is associated to a vector
$\alpha = (\alpha_0, \ldots, \alpha_{n-1})$ in $(\mathbb{Z}_p)^n$ and we
find that $\alpha$ is a rational vector in $\mathbb{Q}^n$ of the form
$\frac{1}{N(q)}\mathbb{Z}^n$. Recall that $N(q)$ is the norm of $q$ in
$\mathbb{Q}[X]/(P)$ as a $\mathbb{Q}$-vector space of dimension $n$. The
connection integer $q$ is an element of $\mathbb{Z}[\beta]$. Then, we
obtain the basic properties of VFCSR sequences: all VFCSR sequences are
eventually periodic and their period divides the order of $p$ modulo
$|N(q)|$.




In 1999, Klapper and Xu presented a generalization of FCSR and LFSR
called AFSR (see [6]). Algebraic FSRs are constructed over an integral
and commutative ring $R$ and they consider an element $\pi \in R$. We
assume that $R/\pi R$ is a finite field. The construction is the same as
that of FCSR. Also, if we take $R = \mathbb{F}_{2^n}[x]$ and $\pi = x$
where $x$ is an indeterminate, we obtain an LFSR. If we take
$R = \mathbb{Z}$ and $\pi = p$ with $p$ prime, we have the $p$-ary FCSR.
If we take $R = \mathbb{Z}[\sqrt{2}]$ and $\pi = \sqrt{2}$, we have the
case of $d$-FCSR. This construction generalizes all FSR over an algebraic
structure. Any choice of $\pi$ defines a new topology on $R$. They
consider the completion of $R$ for the $\pi$-adic topology. If $R$ is
noetherian, this completion is simply the set of power series
$a_0 + a_1\pi + \cdots + a_i\pi^i + \cdots$. For analysis, we have a
correspondence between this set of power series and the set of sequences
over $R/\pi R$. Furthermore, the most important results are that the
output sequence is the $\pi$-adic expansion of $\frac{p}{q}$ which is in
the fraction field of $R$ and $q = -1 + q_1\pi + \cdots + q_r\pi^r$ is the
connection integer. Under more assumptions, the period is the order of
$\pi$ modulo $q$. All these results about algebraic FSR and their
properties are clearly described in a book [7].

In this paper, we extend the construction of $d$-FCSR to any finite
field $\mathbb{F}_{p^n}$. We adapt the vectorial conception to $d$-FCSR
and we call these new registers Vectorial FCSR. The main idea is to
consider $P(X)$ a primitive polynomial on $\mathbb{F}_p$ and $\beta$ a
root of $P$. The field $\mathbb{F}_{p^n}$ is isomorphic to
$\mathbb{F}_p[\beta]$. We decompose an output sequence $a$ into $n$
sequences $(a_0, \ldots, a_{n-1})$ on $\mathbb{F}_p$ and for all
$0 \le j \le n-1$, we consider
$a_{k,j} = (a_j^{k}, a_j^{k+d}, a_j^{k+2d}, \ldots)$ the $d$-decimations
of the $k$-shifts (here $0 \le k \le d-1$) of $a_j$ and their $p$-adic
expansion. We obtain a collection of $nd$ sequences on $\mathbb{F}_p$ and
$\alpha'$ a vector in $(\mathbb{Z}_p)^{nd}$. The first main result is:

Theorem 1.1. The $p$-adic vector $\alpha'$ is a rational vector in
$\frac{1}{N(q)}\mathbb{Z}^{nd}$, where $q$ is the connection integer in
$\mathbb{Z}[\pi, \beta]$ and $N$ is the norm in $\mathbb{Q}(\pi, \beta)$
as a $\mathbb{Q}$-vector space of dimension $nd$.

So for all $k = 0, \ldots, d-1$ and $j = 0, \ldots, n-1$, the
"sub-sequences" $a_{k,j}$ are eventually periodic, then $a$ is eventually
periodic (see Theorem 4.1, Section 4 and 5). In the following, we
describe this analysis in detail. Note that in [6] (p. 19-25), Klapper
and Xu give three examples to describe the different cases of AFSR and
one of them corresponds to $d$-VFCSR. In fact, AFSR generalize LFSR,
$p$-ary FCSR, $p$-ary $d$-FCSR, VFCSR and $d$-VFCSR, but the analysis of
AFSR is very formal and the period of an output sequence of AFSR divides
$\mathrm{ord}_q(\pi)$ and the maximal period is $\mathrm{ord}_q(\pi)$. In
this paper, we give a practical and easily implementable description of
$d$-VFCSRs and an analysis reduced to the $p$-adic framework and specific
to these registers. We show also the second main result: the period
divides $d\cdot\mathrm{ord}_{N(q)}(p)$ and the maximal period is this
number (see Theorem 5.1). It is easier to compute the order of an
integer modulo another integer. Furthermore, to find maximal period
sequences, we have to find prime numbers represented by the $nd$-form
defined by $N(q)$.

The paper is organized as follows: in Section 2, we set the needed
algebraic background. We introduce $d$-VFCSR in Section 3, the analysis
is given in Section 4 and we study the periodicity in Section 5. Finally,
we illustrate the $d$-VFCSRs by three examples in Section 6.
2 Preliminary Algebraic

Let $p$ be a prime number, $d$, $n$ two non negative integers and
$\pi = p^{1/d}$. The polynomial $X^d - p$ is irreducible over $\mathbb{Q}$
by the criterion of Eisenstein. Since it is a monic polynomial and
$\mathbb{Z}$ is a factorial ring, then $X^d - p$ is irreducible over
$\mathbb{Z}$. $\mathbb{Q}[X]$ is a euclidean ring because $\mathbb{Q}$ is
a field. The surjective homomorphism of rings defined by
$\mathbb{Q}[X] \to \mathbb{Q}[\pi]$, $R(X) \mapsto R(\pi)$ induces an
isomorphism of rings between $\mathbb{Q}[X]/(X^d - p)$ and
$\mathbb{Q}[\pi]$. $X^d - p$ is irreducible in the euclidean ring
$\mathbb{Q}[X]$, so the ideal $(X^d - p)$ generated by $X^d - p$ is
maximal and $\mathbb{Q}[\pi]$ is a field. It is also the smallest field
extension of $\mathbb{Q}$ containing $\pi$, denoted by $\mathbb{Q}(\pi)$.
It is a $\mathbb{Q}$-vector space of dimension $d$ with the canonical
basis $\{1, \pi, \ldots, \pi^{d-1}\}$.

The surjective homomorphism of rings defined by
$\mathbb{Z}[X] \to \mathbb{Z}[\pi]$, $R(X) \mapsto R(\pi)$ induces an
isomorphism between $\mathbb{Z}[X]/(X^d - p)$ and $\mathbb{Z}[\pi]$. Here
$\mathbb{Z}[\pi]$ is a free $\mathbb{Z}$-module of rank $d$ with the
canonical basis $\{1, \pi, \ldots, \pi^{d-1}\}$. The fraction field of
$\mathbb{Z}[\pi]$ is $\mathbb{Q}[\pi]$ which is an algebraic number field
of degree $d$ and $\mathbb{Z}[\pi]$ is an order of $\mathbb{Q}[\pi]$. All
elements of $\mathbb{Z}[\pi]$ are written in the form
$q_0 + q_1\pi + \cdots + q_{d-1}\pi^{d-1}$, where $q_i \in \mathbb{Z}$.
The inclusion $\mathbb{Z} \hookrightarrow \mathbb{Z}[\pi]$ induces an
isomorphism of rings between $\mathbb{Z}/p\mathbb{Z}$ and
$\mathbb{Z}[\pi]/\pi\mathbb{Z}[\pi]$. $\mathbb{Z}/p\mathbb{Z}$ is a finite
field, then $(\pi)$ is maximal (and prime).

The completion of $\mathbb{Q}$ for the $p$-adic valuation is
$\mathbb{Q}_p$, the field of $p$-adic numbers. Its valuation ring is
$\mathbb{Z}_p$, the ring of the $p$-adic integers. All elements of
$\mathbb{Z}_p$ can be developed as power series of the form
$\sum a_i p^i$ where $a_i \in \mathbb{F}_p$. Up to isomorphism, the ring
$\mathbb{Z}_p$ is the unique complete discrete valuation ring of the
residue field $\mathbb{F}_p$.

The completion of $\mathbb{Q}(\pi)$ for the $\pi$-adic valuation is
$\mathbb{Q}_p(\pi)$ which is a $\mathbb{Q}_p$-vector space of dimension
$d$ and a totally ramified extension of $\mathbb{Q}_p$. Its valuation ring
is $\mathbb{Z}_p[\pi]$ which is a free $\mathbb{Z}_p$-module of rank $d$.
All elements of $\mathbb{Z}_p[\pi]$ can be developed as power series of
the form $\sum a_i \pi^i$. The residue field of $\mathbb{Z}_p[\pi]$ is
$\mathbb{F}_p$.

Consider $\mathbb{F}_{p^n}$ the field of $p^n$ elements.
$\mathbb{F}_{p^n}$ is isomorphic to the quotient field
$\mathbb{F}_p[X]/(\bar{P})$ where $\bar{P}$ is a primitive polynomial of
degree $n$ with coefficients in $\mathbb{F}_p$. Without loss of
generality, we take $\bar{P}$ of the form $X^n - \cdots - 1$. Let $P$ be
the canonical lift of $\bar{P}$ in $\mathbb{Z}[X]$. We identify $P$ to
$\bar{P}$. Consider $\beta \in \mathbb{C}$ a root of $P$ and $\bar\beta$
its reduction modulo $p$. The field $\mathbb{F}_{p^n}$ is isomorphic to
$\mathbb{F}_p[\bar\beta]$.

Since $\mathbb{Z}$ is factorial, $p\mathbb{Z}$ is a prime ideal and
$\bar{P}$ is irreducible in $\mathbb{F}_p[X]$, then $P$ is irreducible in
$\mathbb{Q}[X]$. As $P$ is a monic polynomial, then $P$ is also
irreducible in $\mathbb{Z}[X]$. By the same arguments as in the preceding
paragraph, we have an isomorphism of fields
$\mathbb{Q}[X]/(P) \cong \mathbb{Q}[\beta]$ and an isomorphism of rings
$\mathbb{Z}[X]/(P) \cong \mathbb{Z}[\beta]$. Recall that
$\mathbb{Q}[\beta]$ is a $\mathbb{Q}$-vector space of dimension $n$ with
the canonical basis $\{1, \beta, \ldots, \beta^{n-1}\}$ and
$\mathbb{Z}[\beta]$ is a free $\mathbb{Z}$-module of rank $n$ and an order
of the number field $\mathbb{Q}[\beta]$. All elements of
$\mathbb{Z}[\beta]$ are written in the form
$a_0 + a_1\beta + \cdots + a_{n-1}\beta^{n-1}$, where $a_i \in \mathbb{Z}$.

The completion of $\mathbb{Q}(\beta)$ for the $p$-adic valuation is
$\mathbb{Q}_{p^n} = \mathbb{Q}_p[X]/(P)$. The field extension
$\mathbb{Q} \subset \mathbb{Q}(\beta)$ is of degree $n$ and
$\mathbb{Q}_p[X]/(P)$ is an absolutely unramified extension of
$\mathbb{Q}_p$. The valuation ring of $\mathbb{Q}_{p^n}$ is
$\mathbb{Z}_{p^n} = \mathbb{Z}_p[X]/(P)$. Up to isomorphism, this ring is
the unique complete discrete valuation ring of the residue field
$\mathbb{F}_{p^n}$ and a free $\mathbb{Z}_p$-module of rank $n$. Consider
the following extensions of fields and rings:



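$\mathbb{Q}(\pi)$      $\mathbb{Z}[\pi]$

$\mathbb{Q}(\beta)$      $\mathbb{Z}[\beta]$

and $\mathbb{F}_p \hookrightarrow \mathbb{Z}[\pi, \beta]/(\pi)$, where
$\mathbb{Z}[\pi, \beta]/(\pi)$ is the set of the linear combinations
$\sum_{0 \le j \le n-1} a_j (\beta \bmod \pi)^j$ where
$a_j \in \mathbb{F}_p$. Here $\mathbb{Z}[\pi, \beta]/(\pi)$ is the
quotient of the ring $\mathbb{F}_p[X]$ by the minimal polynomial of
$\beta \bmod \pi$. Note that $P(\beta) = 0$ implies
$(P \bmod \pi)(\beta \bmod \pi) = 0$. Since $P \bmod \pi = \bar{P}$, then
$\bar{P}(\beta \bmod \pi) = 0$ and the minimal polynomial of
$\beta \bmod \pi$ divides $\bar{P}$ in $\mathbb{F}_p[X]$. As $\bar{P}$ is
primitive, then $\bar{P}$ is the minimal polynomial of $\beta \bmod \pi$.
Then $\mathbb{Z}[\pi, \beta]/(\pi) \cong \mathbb{F}_{p^n}$.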

Since P{f3) = 0, then n < n. n is the degree of the extension 
Q(7r,/?) 2 then it is the degree of the minimal polynomial of (3 

over Q(7r) denoted by Pq. There exists also P\ in Z[7r,X] of degree 
n such that Pi{P) = 0. As Q{tt,X) is euclidean, Pq divides Pi, then 
n < n . If we multiply Pq by A an element of Z[tt] such that XPq 
is in Z[7r, X] and if we reduce APq modulo tt, we obtain an anihilator 
polynomial of /3mod7r of degree k < n with coefficients in Fp. Since P 
is the minimal polynomial of Pmodn in Fp, then P divides (APo)™od7r 
and n < k. Then we have n = n = n and we have the following 
relation: [Q[7r,/3] : Q[7r]] = [Z[7r,/3] : Z[7r]] = [Z[7r, /3]/(7r) : Fp] = n. 

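$\mathbb{Z}[\pi, \beta]$ is a free $\mathbb{Z}$-module of rank $nd$ with
the canonical basis
$\{1, \ldots, \pi^i\beta^j, \ldots, \pi^{d-1}\beta^{n-1}\}$ denoted by
$B$. All elements of $\mathbb{Z}[\pi, \beta]$ are written as
$\sigma = \sigma_{0,0} + \cdots + \sigma_{i,j}\pi^i\beta^j + \cdots + \sigma_{d-1,n-1}\pi^{d-1}\beta^{n-1}$,
where $\sigma_{i,j} \in \mathbb{Z}$. The reduction modulo $\pi$ of
$\sigma$ is
$\sigma \bmod \pi = \sum_{j=0}^{n-1} (\sigma_{0,j} \bmod p)(\beta \bmod \pi)^j$.

The completion of $\mathbb{Q}(\pi, \beta)$ for the $\pi$-adic valuation
is $\mathbb{Q}_{p^n}(\pi)$, the smallest extension field of
$\mathbb{Q}_p[X]/(P)$ containing $\pi$, and is a totally ramified
extension of $\mathbb{Q}_{p^n}$. Its valuation ring
$\mathbb{Z}_{p^n}[\pi]$ is a free $\mathbb{Z}_p$-module of rank $nd$. The
residue field of $\mathbb{Z}_{p^n}[\pi]$ is $\mathbb{F}_{p^n}$.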
Consider an extension field $K \subset L$. The norm of an element
$q \in L$ over $K$ is the determinant of the linear transformation
defined by the multiplication by $q$ in $L$ as a $K$-vector space. The
norm is denoted by $N_K^L(q)$. If $K \subseteq F \subseteq L$,
$N_K^L(q) = N_K^F(N_F^L(q))$. In the following, we will consider the norm
of $q$ an element of $\mathbb{Q}(\pi, \beta)$ over $\mathbb{Q}$. With
respect to the basis $\{1, \pi, \ldots, \pi^{d-1}\}$, the matrix of the
multiplication by $q = \sum_{k=0}^{d-1} x_k\pi^k$ is given by the
following matrix:

$$\begin{pmatrix}
x_0 & p\,x_{d-1} & \cdots & p\,x_2 & p\,x_1 \\
x_1 & x_0 & \cdots & p\,x_3 & p\,x_2 \\
\vdots & \vdots & \ddots & \vdots & \vdots \\
x_{d-1} & x_{d-2} & \cdots & x_1 & x_0
\end{pmatrix} \qquad (2.1)$$

3 Definition of $d$-VFCSR

3.1 Formalism 

To construct $d$-VFCSR, we keep the scheme of the binary $d$-FCSR built
by Goresky and Klapper and we apply the vectorial conception. We place
ourselves in the preceding algebraic background to redefine the space in
which we calculate. Let $S = \{0, \pm 1, \ldots, \pm(p-1)\}$. We define
the $d$-Vectorial FCSR in the following way:

Definition 3.1. A $d$-vectorial feedback with carry shift register over
$(\mathbb{F}_p, P, B)$ of length $r$ with coefficients
$q_1, \ldots, q_r \in S[\beta]$ is an automaton or sequence generator
whose state is an element $s = (a_0, \ldots, a_{r-1}, m_{r-1})$ where
$a_i \in \mathbb{F}_p[\bar\beta]$ and $m_{r-1} \in \mathbb{Z}[\pi, \beta]$.
We take the canonical lift of the collection of $a_i$ in
$\mathbb{Z}[\beta]$, compute the element
$\sigma_r = q_1 a_{r-1} + \cdots + q_i a_{r-i} + \cdots + q_r a_0 + m_{r-1}$,
where all elements are expressed as vectors in the basis $B$. Compute
$a_r = \sigma_r \pmod p$ (1) where $\pmod p$ applies coordinate by
coordinate following the basis $B$. Take the canonical lift of $a_r$ in
$\mathbb{Z}[\pi, \beta]$ and compute
$m_r = \frac{\sigma_r - a_r}{\pi} = \sigma_r\ (\mathrm{div}\ p)$ (2). The
feedback function is $f(s) = (a_1, \ldots, a_{r-1}, a_r, m_r)$ and the
output function is $g(x_0, x_1, \ldots, x_{r-1}, z) = x_0$. The $d$-VFCSR
generates an infinite output sequence
$a = (g(s), g(f(s)), g(f^2(s)), \ldots) = (a_0, a_1, a_2, \ldots)$. The
state $s$ is called the initial state, $q_1, \ldots, q_r$ are called the
coefficients of the recurrence and the infinite sequence
$(m_{r-1}, m_r, \ldots)$ is called the memory sequence.

(1) $\sigma \pmod p$ is the remainder of the Euclidean division of $\sigma$ by $p$.
(2) $\sigma\ (\mathrm{div}\ p)$ is the quotient of the Euclidean division of $\sigma$ by $p$.

Note that we choose connection coefficients not necessarily positive,
because if we consider the inverse problem: what is the $d$-VFCSR that
outputs a given sequence? We remark that the sequence corresponds to a
"rational" element of $\mathbb{Q}(\pi, \beta)$ whose denominator $q$
satisfies $q \equiv -1 \bmod \pi$. The denominator $q$ constructs the
$d$-VFCSR whose output is the given sequence (see Definition 4.1). So we
have:

$$q = -1 + \sum_{i=0}^{d-1}\sum_{j=0}^{n-1} \delta_{i,j}\,\pi^i\beta^j
\quad\text{with } \delta_{i,j} \in \mathbb{Z} \text{ for } i \neq 0
\text{ and } \delta_{0,j} \in p\mathbb{Z},$$

$$q = -1 + \sum_{i=0}^{d-1}\sum_{j=0}^{n-1}\sum_{k=0}^{r_{i,j}}
\mathrm{sgn}(\delta_{i,j})\,\delta_{i,j}^{k}\,\beta^j\pi^{dk+i}
\quad\text{with } \delta_{i,j}^{k} \in \{0, 1, \ldots, p-1\}$$

and $\delta_{0,j}^{0} = 0$. We set $s = \max\{r_{i,j}\}$,
$r = ds + d - 1$ and $q_j^{dk+i} = \mathrm{sgn}(\delta_{i,j})\,\delta_{i,j}^{k}$
or $0$ for $k > r_{i,j}$, then:

$$q = -1 + \sum_{l=1}^{r}\Big(\sum_{j=0}^{n-1} q_j^{l}\beta^j\Big)\pi^l
\quad\text{with } q_j^{l} \in S,$$

$$q = -1 + \sum_{l=1}^{r} q_l\,\pi^l \quad\text{with } q_l \in S[\beta].$$

The integer $r$ is the size of the $d$-VFCSR and the collection of $q_l$
are the connection coefficients. Note also that the connection integer
does not give a unique $d$-VFCSR. In fact, we take a simple example to
show this: take $d = p = 2$, $n = 1$; for
$q = -1 + \pi = -1 - (p-1)\pi + \pi^3$, the connection integer gives at
least two $d$-VFCSRs, one of size 1 and another of size 3.

Finally, the $p$-ary FCSRs correspond to $d$-VFCSRs with $d = 1$ and
$n = 1$. The VFCSRs correspond to $d$-VFCSRs with $d = 1$ and $n > 1$.
The $p$-ary $d$-FCSRs correspond to $d$-VFCSRs with $d > 1$ and $n = 1$.
So $d$-VFCSRs generalize FCSRs, $d$-FCSRs and VFCSRs. Figure 5
represents a $d$-VFCSR in the case $d = 2$ and $n = 2$.

3.2 Vector calculus of $d$-VFCSR over $(\mathbb{F}_p, P, B)$
We write all elements or its lift in the vectorial basis B. For all 

j=n—l 

ieN, a^= E 4/?^'; a^eYp 

k=d—lj=n—l 

i>r-l,mi= E E ml ■it'' ; ml ■ £ Z 

j=n—l 

i<i<r, q,= E <if3'; 9je5, 

j=0 
k=d—lj=n—l 

fc=0 j=0 

In calculating $\sigma$, we find a polynomial expression of degree
$2n - 2$ in $\beta$, thus we must eliminate the degrees greater than
$n - 1$ to obtain the coordinates of $\sigma$ in the basis $B$. For this,
we must express the powers of $\beta$ in terms of $B$ with the polynomial
$P$. So we set for all $j \ge n$,
$\beta^j = \sum_{t=0}^{n-1} b^j_t\,\beta^t$ where $b^j_t \in \mathbb{Z}$.
We get the coordinates of $\sigma$: for $i \ge r$,



t=n—l r k=t i=r 



-II— 1 r re=t 1=7- j=2n—2 . fc=n— 1 j=r i -i 

t=0 '-A;=Oi=l j=n k=j-n+li=l i=0 ■' 



i=d-l 



t 

k=t i=r j=2n—2 k=n—l i=r _ 

EE(4«n)+ E E E(^K4))+"^o:^'+'E 

k=0 i=l j=n k=j—n+l i=l 



/3* 



d-l 



a: 



i,t 



'0,t 



the coordinates of the output sequence: 



t=n—l r k=t i=r j=2n—2 . k=n—l i=r -i 

E EE(4<4)+ E E E('zK4)) + "^o:^' ■"od7r(;3mod7r)* 



t=0 '-^^oi=l 



j=n A;=j— n+1 i=l 



and the coordinates of the memory values in the basis B: 



(3.1) 



a-y — a. 



IT 



mi 



— ' 77 ^ P 



i=d-2 t=n-l 

E E ^f+i,t^'/3*+ E 

i=0 t=0 t=0 ^ 

E E rnl-l,7r^P'+ E -^"-'P' 



E <+M^^ + 



i=0 



m: 



i,t 



m; 



(3.2) 



i=d—l i=d—2 



i=l i=0 



(3.3) 



4 Norm and Analysis of $d$-VFCSRs

The vectorial output sequence $a$ corresponds to $n$ binary sequences
$a_j = (a_j^i)_{i \in \mathbb{N}}$. We consider $a_{k,j}$ the
$d$-decimations cyclic shift of $a_j$ for each $0 \le j \le n-1$:

$$a = (a_i)_{i \in \mathbb{N}}
= \sum_{j=0}^{n-1} (a_j^i)_{i \in \mathbb{N}}\,\beta^j
= \sum_{j=0}^{n-1} a_j\,\beta^j \qquad (4.1)$$

and we have for all $0 \le k \le d-1$,

(4.2)

With this vectorial vision of elements, we construct a similar
correspondence to that of VFCSR. For each $a_j$, we associate its
$\pi$-adic development and we obtain a $\pi$-adic vector
$\alpha = (\alpha_j)_{0 \le j \le n-1}$.

(4.3)

where $\mathbb{Z}_p[\pi]$ is the ring of the $\pi$-adic integers. It is a
free $\mathbb{Z}_p$-module of rank $d$ with the canonical basis
$\{1, \pi, \ldots, \pi^{d-1}\}$. For each $j$, set
$\alpha_j = \sum_{k=0}^{d-1}\big(\sum_{i \in \mathbb{N}} a_j^{di+k}\,p^i\big)\pi^k$.
For each $a_{k,j}$, we associate its $p$-adic development and we obtain a
$p$-adic vector $\alpha' = (\alpha_{k,j})_{k,j}$ associated to



(4.4) 



Definition 4.1. We define the connection integer of the $d$-VFCSR by
$q = -1 + \sum_{i=1}^{r} q_i\,\pi^i \in \mathbb{Z}[\pi, \beta]$. We set
for each $0 \le j \le n-1$, $q_j = \sum_{i=1}^{r} q_j^i\,\pi^i$. For each
$0 \le k \le d-1$, take
$q_{k,j} = \sum_{i;\ 1 \le di+k \le r} q_j^{di+k}\,p^i$. We have



j=n—l j=n—lk=d—l 
j=0 j=0 k=0 



(4.5) 



Using (3.1), (3.2), (3.3), (4.2), (4.4) and (4.5), $\alpha'$ verifies the
following integral linear system

l=j u=k l=j u=d-l 

~ E E 'in,iak-u,j~i - E E 'iu,iak-u+d,j-iP 

1=0 u=0 1=0 u=k+l 

t=2n—2 l=n—l u=k 

- E E Y.Qu,iak-u,t-i 

t=n l=t+l—nu=0 
t=2n-2 l=n-l u=d-l 

~ E E E 9u,lo:k+d-u,t-lP = Pk,j 

t=n l=t+l-nu=k+l J 0<k<d-1.0<j<n-l 

This system can be written in matrix form with a square matrix
$M' \in \mathcal{M}_{nd}(\mathbb{Z})$. This matrix is called the
connection integer matrix of the $d$-FCSR over $(\mathbb{F}_p, P, B)$.
Furthermore, using (3.3), (4.1), and (4.5), $\alpha$ verifies the
following integral linear system

t=2n-2 l=n-l \ 



1=3 

aj - qiaj-i - E E = 

1=0 t=n /=t+l_7i 



(4.7) 



0<j<n-l 



This system can be written in matrix form with a square matrix
$M \in \mathcal{M}_n(\mathbb{Z}[\pi])$. We have the following theorem:

Theorem 4.1. Consider a $d$-VFCSR over $(\mathbb{F}_p, P, B)$ of length
$r$ with connection coefficients $q_1, \ldots, q_r$. Let $M'$ be the
square matrix defined by (4.6) and $M$ the square matrix defined by
(4.7). For every output sequence, consider $\alpha$ the $\pi$-adic vector
defined by (4.3) and $\alpha'$ the $p$-adic vector defined by (4.4). We
have the following assertions:

1. $M.\alpha = y$ where $y = (p_j)_j \in (\mathbb{Z}[\pi])^n$ is defined by (4.7).

2. $M'.\alpha' = y'$ where $y' = (p_{k,j})_{k,j} \in \mathbb{Z}^{nd}$ is defined by (4.6).

3. The matrix $M'$ is the matrix in the canonical basis $B$ of the
$\mathbb{Q}$-linear transformation defined as the multiplication by $-q$.
The matrix $M$ is the matrix in the canonical basis
$\{1, \beta, \ldots, \beta^{n-1}\}$ of the $\mathbb{Q}(\pi)$-linear
transformation defined as the multiplication by $-q$.

4. We have $\det(M) = N_{\mathbb{Q}(\pi)}^{\mathbb{Q}(\pi,\beta)}(-q)$,
$\det(M') = N_{\mathbb{Q}}^{\mathbb{Q}(\pi,\beta)}(-q)$ and
$\det(M') = N_{\mathbb{Q}}^{\mathbb{Q}(\pi)}(\det(M))$.

5. The coefficients of the diagonal of $M$ are congruent to 1 modulo
$\pi$ and the other coefficients are multiples of $\pi$.

6. $\det(M)$ is congruent to 1 modulo $\pi$ and $M$ is invertible in $\mathcal{M}_n(\mathbb{Z}[\pi])$.

7. $\det(M')$ is congruent to 1 modulo $p$ and $M'$ is invertible in $\mathcal{M}_{nd}(\mathbb{Z})$.

8. The $\pi$-adic vector $\alpha$ is in
$\frac{1}{\det(M)}\mathbb{Z}[\pi]^n$ and the $p$-adic vector $\alpha'$ is
in $\frac{1}{\det(M')}\mathbb{Z}^{nd}$.

Proof. - The points (1) and (2) are direct consequences of the
calculation of $\alpha$ and $\alpha'$ using recursive relations ((3.1),
(3.2), (3.3), (4.2), (4.4) and (4.5)) between the connection
coefficients, the initial state and the initial memory. To find the
matrix $M$, we use the same calculations considering all elements as
vectors on $\mathbb{Q}(\pi)$.

- For the point (3), if we read the linear transformation defined by $-q$
as a vector over $\mathbb{Z}$ and over $\mathbb{Z}[\pi]$, we find
respectively the matrix $M'$ and $M$.

- The point (4) is a direct consequence of the definition of the norm and
its basic properties.

- For the point (5), $M$ is equal to the identity matrix minus a matrix
whose coefficients are linear combinations of the collection
$(q_0, \ldots, q_{n-1})$ and the $q_j$ are multiples of $\pi$. The point
(6) is a direct consequence of

- The norm $N_{\mathbb{Q}}^{\mathbb{Q}(\pi)}(\det(M))$ is the determinant
of the matrix (2.1) where $x_i$ is the $i$-th component of $\det(M)$ with
respect to the basis $\{1, \ldots, \pi^{d-1}\}$. By (6), $x_0$ is
congruent to 1 modulo $p$. So the determinant of this matrix is congruent
to 1 modulo $p$ and $M'$ is invertible. The point (7) is shown.

- For the point (8), $M'$ and $M$ have a comatrix respectively in
$\mathbb{Z}$ and $\mathbb{Z}[\pi]$, and we have:

a = — — I — ^sgn(detM')Comat(M').w' and 
I det(M )| ^ ^ ^ V / y 

a = ^^^^p^sgn(detM)Coiiiat(M).y. 
Figure 5: Representation of $d$-VFCSR with $n = 2$ and $d = 2$.



□ 

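For all $q \in \mathbb{Z}[\pi, \beta]$ such that $q \equiv -1 \bmod \pi$,
we denote $N_{\mathbb{Q}(\pi)}^{\mathbb{Q}(\pi,\beta)}(q)$ by $N$ and
$N_{\mathbb{Q}}^{\mathbb{Q}(\pi,\beta)}(q)$ by $N'$. $N$ is an element of
$\mathbb{Z}[\pi]$ represented by an $n$-form defined by $M$ with
arguments $(q_0 - 1, q_1, \ldots, q_{n-1})$. Likewise, $N'$ is an integer
represented by an $nd$-form defined by $M'$ with arguments
$(q_{0,0} - 1, q_{1,0}, \ldots, q_{d-1,n-1})$.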

5 Periodicity 

In this section, we discuss the periodicity of output sequences of
$d$-VFCSRs.

Theorem 5.1. Consider a $d$-VFCSR over $(\mathbb{F}_p, P, B)$. Let $a$ be
an output vectorial sequence.

1. For all $0 \le j \le n-1$ and for all $0 \le k \le d-1$, $a_{k,j}$ is
eventually periodic and its period divides $\mathrm{ord}_{N'}(p)$, where
$\mathrm{ord}_{N'}(p)$ is the order of $p$ modulo $N'$.

2. For all $0 \le j \le n-1$, $a_j$ is eventually periodic and its period
divides $d\cdot\mathrm{ord}_{N'}(p)$.

3. $a$ is eventually periodic and its period is the lcm of the periods of
the collection $a_j$ and divides $d\cdot\mathrm{ord}_{N'}(p)$.
Proof. - The second point of Theorem (4.1) shows that ak,j = ^j^- A 



p-adic integer is a rational if and only if its subsequence is eventually 
periodic, then the sequence a^, ^ is eventually periodic and its period is 

equal to the order of p modulo —, — 7 — . So the period divides the 

gcd{Af ,y^ .) 

order of p modulo the denominator. 

- For all j, a - = (a^, aj, . . . , a*-, . . .). For all i, it exists a pair (/, A;) 



-J ^ J ' J ' ■ ■ ■ ' J 
such that i = dl + k with Q < k < d — \. We have a 



i+doxA^i (p) 



divides d.ord^/ (p). 

- The same proof as in [[3j,page 245, Prop 2]. □ 

Corollary 5.1. If $N'$ is a prime number, $p$ is a primitive root modulo
$N'$, $d$ is relatively prime with $N' - 1$, then the period of $a$ is
equal to $N' - 1$.

Proof. If $N'$ is prime and $p$ is a primitive root modulo $N'$, then
$\mathrm{ord}_{N'}(p) = N' - 1$. By Theorem (5.1), the period of
$a_{k,j}$ is 1 or $N' - 1$ for all $k$ and $j$. If for all $k$ and $j$,
the period of $a_{k,j}$ is 1, then the period of $a_j$ is 1 and the
period of $a$ is 1. Otherwise there exist $k$ and $j_0$ such that the
period of $a_{k,j_0}$ is $N' - 1$. If $d$ is relatively prime with
$N' - 1$, the application

$\{0, d, \ldots, d(N' - 2)\} \to \{0, 1, \ldots, N' - 2\}$, $dx \mapsto (dx) \bmod (N' - 1)$

is injective. In fact
$(dx) \bmod (N' - 1) = (dy) \bmod (N' - 1) \iff N' - 1 \mid d(x - y) \implies N' - 1 \mid (x - y)$.
Since $|x - y| < N' - 1$, then $x - y = 0$. Both sets have the same
cardinality, then the application is injective.
So for jo, a^'+^'-' = ^fd-H)+k+N'-i ^ ^d(d-hHk ^ ^^^^ 
period of aj^ divides the period of a^j,,. By the same argument, the 
period of divides the period of 0^-^^. So we have an equality and the 
period of a is lcm(l, A^' - 1) = Af' - 1. □ 

Remark 5.1.

- If we have only that $N'$ is a prime number and $p$ is a primitive root
modulo $N'$, then the period of $a_{k,j}$ is $N' - 1$ or 1. If there
exist $k$ and $j_0$ such that the period is $N' - 1$, i.e. $a_j$ is not
trivial, then $N' - 1$ divides the period of $a_j$. By Theorem (5.1), the
period of $a$ is a multiple of $N' - 1$.

- If we have only that $N'$ is a prime number, then the period of
$a_{k,j}$ is $\mathrm{ord}_{N'}(p)$ or 1. If there exist $k$ and $j_0$
such that the period is $\mathrm{ord}_{N'}(p)$, i.e. $a_j$ is not
trivial, then $\mathrm{ord}_{N'}(p)$ divides the period of $a_j$. By
Theorem (5.1), the period of $a$ is a multiple of $\mathrm{ord}_{N'}(p)$.



6 First case: p = 2, n = 2 and d = 2 

We place ourselves in the binary case $p = 2$. In this part, we will
present the first case $n = 2$ and $d = 2$. The case $n = 2$ is special
because to build our vectorial $d$-FCSR, there is a single irreducible
polynomial of degree 2 on $\mathbb{F}_2$: $X^2 - X - 1$ modulo 2. We take
$\pi = 2^{1/2}$ and $\beta$ such that $\beta^2 = \beta + 1$. We analyse
the quadratic case of VFCSRs. From Equations (3.1) and (3.2), operations
are defined as follows:



1. Form integers dg q and ctq, as follows ctqq = ^ ('Zi'^i 

i=l 

i=r 



1,0 



'0,1 



1=1 



) + 



,z-l 
0,1 



and o" 



1,1 



m 



1,1 



2. Shift the content of the main register register on step to the right 
and shift the content of the carry register to the bottom, while 
outputing the rightmost bits Oq"* and a^~* and the lowermost carry 



Iq and ttiq as shown in Fig. ([s]), 

3. Put and replace ag = ctq q (mod 2) , af = cjg ^ (mod 2) 
and mf 1 = (div2) = ^^V^. 



m 



1,0 



0,0 



(div2) 



^0,0 



The matrix M is of the form 
M' is of the form: 



/I - 0^0,0 
-91,0 



-2gi,o 
1 - 0^0,0 



V 



-90,1 
-91,1 



-2gi,i 
-q'o.i 



1 - go 
-ft 

-^0,1 

-qi,i 



1 



-qi 
% - qi 

-2gi,i 

-qo,i 



and the matrix 



- 90,0 - 90,1 

-qi,o - 91,1 



-2gi,o - 2(71,1 
1 - 90,0 - 90,1 / 



(6.1) 



From the definition of $q_{k,j}$, we have

$$\begin{aligned}
x &= q_{0,0} = \sum_{1 \le 2i \le r} q_0^{2i}\,2^i = \sum_{1 \le i \le [r/2]} q_0^{2i}\,2^i, \\
y &= q_{1,0} = \sum_{1 \le 2i+1 \le r} q_0^{2i+1}\,2^i = \sum_{0 \le i \le [(r-1)/2]} q_0^{2i+1}\,2^i, \\
z &= q_{0,1} = \sum_{1 \le 2i \le r} q_1^{2i}\,2^i = \sum_{1 \le i \le [r/2]} q_1^{2i}\,2^i \quad\text{and} \\
t &= q_{1,1} = \sum_{1 \le 2i+1 \le r} q_1^{2i+1}\,2^i = \sum_{0 \le i \le [(r-1)/2]} q_1^{2i+1}\,2^i.
\end{aligned} \qquad (6.2)$$

The coefficients $q_{0,0}$ and $q_{0,1}$ are even and $q_{1,0}$ and
$q_{1,1}$ can be odd. We must search for prime numbers represented by
$N'$ with these arguments respecting these conditions. With a simple
Matlab program, we generate the numbers represented by this 4-form (see
Table 1).

Example 1: If we take $N' = 151$ with the quadruplet $(0, 1, 2, 2)$, then
we find the following connection integer:
$q = q_1\pi + q_2\pi^2 + q_3\pi^3 - 1 = \pi + \beta\pi^2 + \beta\pi^3 - 1 = \pi + 2\beta + 2\pi\beta - 1$.
The quadruplet $(0, 1, 2, 2)$ corresponds to the $d$-VFCSR of size 3
represented in Figure 6 and generates sequences whose period is a
multiple of $\mathrm{ord}_{151}(2) = 15$. For example, the initial state
$(a_0, a_1, a_2, m) = (1, 1 + \beta, \beta, 5 - \beta + 4\pi\beta)$
generates the eventually periodic sequences in Table 2 with period equal
to 15.
  N'  x y z t |   N'  x y z t |   N'  x y z t |   N'  x y z t
--------------+---------------+---------------+--------------
   9  2 1 4 0 |   25  6 2 0 1 |   41  2 1 4 2 |   31  2 1 0 3
  49  4 1 2 3 |   71  2 1 2 3 |   79  2 1 4 1 |   81  2 2 4 3
  89  2 3 4 2 |  121  2 3 4 1 |  151  0 1 2 2 |  169  4 2 2 3
 191  4 3 0 2 |  239  4 1 0 2 |  241  6 3 0 1 |  271  2 3 2 3
 279  2 3 2 1 |  281  6 1 6 2 |  289  0 3 0 0 |  311  2 2 6 1
 359  4 0 6 2 |  361  6 0 6 0 |  369  2 2 6 2 |  401  0 3 0 2
 409  0 1 4 3 |  431  0 3 0 1 |  439  0 0 6 3 |  441  0 2 2 3
 449  4 1 0 3 |  479  4 3 6 2 |  521  4 3 4 1 |  529  6 1 0 0
 569  2 1 6 2 |  601  2 1 6 0 |  625  6 0 0 0 |  631  6 3 6 2
 641  6 3 2 3 |  711  2 1 6 1 |  719  2 0 6 1 |  729  4 3 0 3
 751  6 1 2 1 |  769  0 2 4 3 |  761  4 2 0 3 |  801  6 1 2 0
 839  6 0 2 1 |  841  2 0 6 0 |  881  0 1 6 2 |  911  0 2 6 1
 929  0 3 6 3 |  961  0 2 6 0 |  991  6 3 0 2 | 1025  6 1 0 3

Table 1: Prime numbers represented by $N'$.
26 






















ai 


1 



1 
1 



1 



1 






1 
1 


1 




1 



1 


1 




1 



1 


1 
1 



1 


1 



1 
1 


1 




1 



1 


1 
1 






1 
1 










1 
1 



1 



1 


1 
1 



1 


1 



1 
1 


1 




1 



1 


1 
1 






m}] 
ml 
m^ 
m\ 


5 
-1 


4 



4 
3 
1 


3 
1 
1 

4 


1 
4 
2 
1 


2 
1 
1 
3 


1 
3 
2 
1 


2 
1 
1 
3 


1 
3 
1 
2 


1 
2 
2 
2 


2 
2 
1 
2 


1 
2 
1 
2 


1 
2 
2 
2 


2 
2 
1 
3 


1 
3 
2 
2 


2 
2 
1 
3 


1 
3 
2 
2 


2 
2 
1 
3 


1 
3 
1 
2 


1 
2 
2 
3 


2 
3 
1 
2 


1 
2 
2 
3 


2 
3 
1 
2 


1 
2 
1 
2 


1 
2 
1 
1 


1 
1 
1 
2 


1 
2 
1 
2 


1 
2 
2 
2 


2 
2 
1 
3 


1 
3 
2 
2 


2 
2 
1 
3 


1 
3 
2 
2 


2 
2 
1 
3 


1 
3 
1 
2 


1 
2 
2 
3 


2 
3 
1 
2 


1 
2 
2 
3 



Table 2: $d$-VFCSR sequence for $N' = 151$.

Example 2: We recover also the example of Klapper and Xu [6] with
$q = \pi + (1 + \beta)\pi^3 - 1 = 3\pi + 2\pi\beta - 1$ represented here
by $N' = 401$ and the quadruplet $(0, 3, 0, 2)$. The quadruplet
$(0, 3, 0, 2)$ corresponds to the $d$-VFCSR of size 3 represented in
Figure 7 and generates sequences whose period is a multiple of
$\mathrm{ord}_{401}(2) = 200$.

Example 3: If we take $N' = 409$ with the quadruplet $(0, 1, 4, 3)$, then
we find
$q = q_1\pi + q_2\pi^2 + q_3\pi^3 + q_4\pi^4 - 1 = (1 + \beta)\pi + \beta\pi^3 + \beta\pi^4 - 1 = \pi + 4\beta + 3\beta\pi - 1$.
This quadruplet corresponds to the $d$-VFCSR of size 4 in Figure 8 and
generates sequences whose period is $\mathrm{ord}_{409}(2) = 204$ or 408.
For example, the initial state
$(a_0, a_1, a_2, a_3, m) = (1, 1 + \beta, 1 + \beta, \beta, 5 - \beta + 4\pi\beta)$
generates an eventually periodic sequence with period 408.
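The search for connection integers described in this section can be reproduced as follows. This is an added example, not the authors' Matlab program: for $p = 2$, $n = 2$, $d = 2$ it computes $N'$ as the absolute value of the determinant of multiplication by $q$ on the basis $B = \{1, \pi, \beta, \pi\beta\}$, then the order of 2 modulo $N'$ and the bound $d\cdot\mathrm{ord}_{N'}(p)$ of Theorem 5.1. The function names and the search ranges (chosen to match the values appearing in Table 1) are assumptions.

```python
from itertools import product
from math import gcd

P = 2                                      # p = 2, hence pi^2 = 2
D = 2                                      # d = 2
BASIS = [(0, 0), (1, 0), (0, 1), (1, 1)]   # (i, j) stands for pi^i * beta^j


def mul(u, v):
    """Product in Z[pi, beta] with pi^2 = 2 and beta^2 = beta + 1.
    Elements are dicts {(i, j): integer coefficient}."""
    out = dict.fromkeys(BASIS, 0)
    for (i, j), a in u.items():
        for (k, l), b in v.items():
            c = a * b * (P if i + k == 2 else 1)   # pi^2 -> p
            e = (i + k) % 2
            if j + l == 2:                         # beta^2 -> beta + 1
                out[(e, 0)] += c
                out[(e, 1)] += c
            else:
                out[(e, j + l)] += c
    return out


def connection_integer(x, y, z, t):
    """q = -1 + x + y*pi + z*beta + t*pi*beta, with (x, y, z, t) as in (6.2)."""
    return {(0, 0): x - 1, (1, 0): y, (0, 1): z, (1, 1): t}


def det(m):
    """Exact integer determinant by cofactor expansion (fine for 4x4)."""
    if len(m) == 1:
        return m[0][0]
    return sum((-1) ** c * a * det([r[:c] + r[c + 1:] for r in m[1:]])
               for c, a in enumerate(m[0]) if a)


def norm(q):
    """Norm of q over Q: determinant of multiplication by q on the basis B."""
    cols = [mul(q, {b: 1}) for b in BASIS]
    return det([[col[r] for col in cols] for r in BASIS])


def mult_order(a, n):
    """Multiplicative order of a modulo n."""
    if n < 2 or gcd(a, n) != 1:
        raise ValueError("order is undefined")
    k, x = 1, a % n
    while x != 1:
        x, k = x * a % n, k + 1
    return k


def is_prime(n):
    if n < 2:
        return False
    f = 2
    while f * f <= n:
        if n % f == 0:
            return False
        f += 1
    return True


def period_bound(quad):
    """Return (N', ord_{N'}(p), d * ord_{N'}(p)) for a quadruplet (x, y, z, t)."""
    n_prime = abs(norm(connection_integer(*quad)))
    order = mult_order(P, n_prime)
    return n_prime, order, D * order


def prime_norms(evens=(0, 2, 4, 6), others=(0, 1, 2, 3)):
    """Quadruplets with x, z even whose N' is prime, grouped by N'."""
    found = {}
    for x, y, z, t in product(evens, others, evens, others):
        n_prime = abs(norm(connection_integer(x, y, z, t)))
        if is_prime(n_prime):
            found.setdefault(n_prime, []).append((x, y, z, t))
    return found


if __name__ == "__main__":
    for quad in [(0, 1, 2, 2), (0, 3, 0, 2), (0, 1, 4, 3)]:   # Examples 1-3
        print(quad, period_bound(quad))
```

The observed periods in Examples 1 and 3 (15 and 408) both divide the third value returned by `period_bound`, as Theorem 5.1 requires.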
Figure 6: Representation of 2-VFCSR with $n = 2$ and $N' = 151$.

Figure 7: Representation of 2-VFCSR with $n = 2$ and $N' = 401$.

Figure 8: Representation of 2-VFCSR with $n = 2$ and $N' = 409$.

7 Conclusion 

In this paper, we have presented a vectorial conception adapted to the
$d$-FCSR in order to build $d$-FCSRs on any finite field. These registers
generate eventually periodic sequences whose period divides
$d\cdot\mathrm{ord}_{N_{\mathbb{Q}}^{\mathbb{Q}(\pi,\beta)}(q)}(p)$.
These registers generalize $p$-ary FCSR, $p$-ary $d$-FCSR and VFCSR and
are a particular case of AFSR. In this paper, we give a complete
description and a $p$-adic analysis of these registers using the
vectorial method and illustrating with simple examples. The results are
easily implemented in software and hardware. We can easily generate
longer sequences: just look for prime numbers represented by the
$nd$-forms.